Skip to main content
Security Advisory: CVE-2025-55182 (React2Shell) is being actively exploited. Install nextjs-fortress immediately to protect your application.
Learn More

nextjs-fortress

Universal Security Validation Framework for Next.js

Protect your Next.js application from CVE-2025-55182 (React2Shell) and all major attack vectors with zero configuration.

CVE-2025-55182 Protected<1ms Overhead7 Security Layers
Get Started - 5 minutesWhat is Fortress?
middleware.ts
import { createFortressMiddleware } from '@mindfiredigital/nextjs-fortress';
import { fortressConfig } from './fortress.config';

export const middleware = createFortressMiddleware(fortressConfig);

// ✅ Your entire app is now protected!
7
Security Layers
<1ms
Overhead
100%
CVE Protected
0
Config Required

CVE-2025-55182 Protection

Complete protection against React2Shell vulnerability. Blocks prototype pollution, dangerous keys, and all attack vectors targeting React Server Components.

Zero Performance Impact

Less than 1ms overhead per request. Optimized validation algorithms ensure your application stays fast while remaining secure against all threats.

7 Layers of Protection

Deserialization, Injection Detection, Encoding Validation, CSRF, Rate Limiting, Content Validation, and Security Headers - all working together.

Ghost Mode Defense

Detects UTF-16LE encoding bypasses that trick WAFs. Prevents sophisticated attackers from using encoding tricks to deliver malicious payloads.

Zero Configuration

Works out of the box with sensible defaults. Add one middleware file and your entire Next.js application is protected. Customize when needed.

Security Logging

Comprehensive security event logging with severity levels, confidence scores, and attack details. Send events to Sentry, DataDog, or your SIEM.

Protected in 3 Steps

1

Install

npm install @mindfiredigital/nextjs-fortress
2

Configure

// fortress.config.ts
export const fortressConfig = {
  enabled: true,
  mode: 'production',
  modules: { /* all enabled by default */ }
}
3

Protect

// middleware.ts
export const middleware = createFortressMiddleware(fortressConfig);
// Done! 🎉

Built by Mindfire Digital

Open source • MIT License • Community Driven